$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa File: 4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa (raw, json) Hash identifier: dElrE+zYsF0Dqpjf9Fi8SbnOxcR5co3e0anMQ08Ey3Y= Subject key identifier: 0A:FB:AA:24:68:DA:51:A0:76:E0:31:55:55:EF:95:FD:39:20:86:16 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 5566ED90F8233A07A35DD9ABB62FA50DD0795361 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa Signing time: Mon 07 Jul 2025 16:00:01 +0000 ROA not before: Mon 07 Jul 2025 16:00:01 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2403:b300:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:66:ed:90:f8:23:3a:07:a3:5d:d9:ab:b6:2f:a5:0d:d0:79:53:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jul 7 16:00:01 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=d4ab06bb23fb3337b6d5759c6b3ceafb3425121560076f7526c5c73bdf34d5af, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:33:b1:40:86:d3:89:a9:cb:8b:d9:ce:8f:07: 7b:80:03:d9:43:0b:65:60:04:26:13:d6:7d:6f:28: 37:ec:ab:d4:d0:bf:f0:1d:8d:bd:4f:6f:75:e9:4b: 1c:03:7a:03:e9:9f:bb:1c:57:31:6f:f2:1b:ab:7c: d6:bc:cd:ec:2f:a1:d3:d0:99:19:ba:5a:3f:aa:79: f3:98:2c:e5:68:43:9d:52:89:e9:70:34:52:1b:fd: ea:f4:57:98:ec:f8:d1:28:3e:84:c0:20:73:54:96: c1:52:d4:04:08:29:cb:c2:ce:45:56:3b:48:0b:97: b6:1a:50:4c:da:84:70:ed:56:ac:73:9b:3d:c1:a1: 80:7d:7c:fd:a2:c2:67:8d:4a:2e:96:6c:be:10:2b: 71:e4:9c:c3:0d:cc:73:0a:0a:d9:35:92:7e:03:a4: 31:4a:f8:dd:53:27:61:3e:31:7f:50:f0:e0:19:75: 42:c9:71:5b:62:8c:47:25:4f:7a:1b:55:2d:81:64: 96:8c:9a:a3:6e:68:cc:25:f8:58:ec:9b:ce:f0:54: 53:17:c7:4a:7a:2f:99:e0:1c:da:4b:16:2a:4e:30: bd:67:52:9e:c5:36:79:67:8b:8d:13:fc:a9:d6:19: 59:95:4c:49:a2:fc:89:d6:f2:32:39:fd:bd:45:85: 64:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:FB:AA:24:68:DA:51:A0:76:E0:31:55:55:EF:95:FD:39:20:86:16 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1000::/48 Signature Algorithm: sha256WithRSAEncryption 17:cf:61:c3:25:3f:d5:a0:b1:00:e3:d8:a1:a4:49:09:29:29: 00:bb:3f:ce:9f:ee:11:ce:c2:e9:b8:26:f0:9e:86:5c:23:13: 61:5a:aa:fb:db:59:87:bc:2a:17:c1:e2:94:38:c8:89:9a:a5: 32:2f:98:4d:a7:33:19:85:c7:ab:9e:bc:02:6f:56:e5:5b:13: a5:d2:b1:e1:cd:d8:a5:03:c8:43:8c:24:2d:9b:7a:9c:da:a3: 85:8d:a6:ec:dc:4f:7a:6b:ad:59:fa:d6:67:a2:a8:bf:8e:49: 9a:eb:c6:f5:fd:30:4e:e7:9f:69:4a:3d:c0:58:50:9b:95:8a: 8c:b1:88:a7:c3:83:3e:c8:11:dd:ec:a0:83:14:2c:92:e6:d6: 0d:d3:11:e7:41:a2:bb:f4:ba:a0:6a:fa:3b:6b:a0:90:40:0c: 92:ca:ae:90:ae:a3:03:16:71:f2:cb:0a:d6:a0:e6:d9:05:0b: 02:90:f4:72:73:a8:26:8c:73:98:d0:69:77:ca:63:ed:fe:bd: c8:65:a2:42:6a:68:02:b1:98:c2:3d:aa:46:5d:79:1b:b2:45: 10:47:55:0e:24:f1:67:fd:33:a1:ad:98:7f:3f:f7:31:06:28: 9b:6c:f7:45:3c:4c:0e:27:13:fc:29:f8:1f:1c:bf:0a:07:27: e5:2b:df:3e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUVWbtkPgjOgejXdmrti+lDdB5U2EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDcwNzE2MDAwMVoX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAZDRhYjA2YmIyM2ZiMzMzN2I2ZDU3 NTljNmIzY2VhZmIzNDI1MTIxNTYwMDc2Zjc1MjZjNWM3M2JkZjM0ZDVhZjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTOxQIbTianLi9nOjwd7gAPZQwtl YAQmE9Z9byg37KvU0L/wHY29T2916UscA3oD6Z+7HFcxb/Ibq3zWvM3sL6HT0JkZ ulo/qnnzmCzlaEOdUonpcDRSG/3q9FeY7PjRKD6EwCBzVJbBUtQECCnLws5FVjtI C5e2GlBM2oRw7Vasc5s9waGAfXz9osJnjUoulmy+ECtx5JzDDcxzCgrZNZJ+A6Qx SvjdUydhPjF/UPDgGXVCyXFbYoxHJU96G1UtgWSWjJqjbmjMJfhY7JvO8FRTF8dK ei+Z4BzaSxYqTjC9Z1KexTZ5Z4uNE/yp1hlZlUxJovyJ1vIyOf29RYVkSQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAr7qiRo2lGgduAxVVXvlf05IIYWMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzRiYmQxYmRmLTg2NmUtNGIyNS05YWM2LWU5MjlhMDUwODBiOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABAAMA0GCSqGSIb3DQEBCwUAA4IBAQAXz2HDJT/VoLEA49ih pEkJKSkAuz/On+4RzsLpuCbwnoZcIxNhWqr721mHvCoXweKUOMiJmqUyL5hNpzMZ hcernrwCb1blWxOl0rHhzdilA8hDjCQtm3qc2qOFjabs3E96a61Z+tZnoqi/jkma 68b1/TBO559pSj3AWFCblYqMsYinw4M+yBHd7KCDFCyS5tYN0xHnQaK79Lqgavo7 a6CQQAySyq6QrqMDFnHyywrWoObZBQsCkPRyc6gmjHOY0Gl3ymPt/r3IZaJCamgC sZjCPapGXXkbskUQR1UOJPFn/TOhrZh/P/cxBiibbPdFPEwOJxP8KfgfHL8KByfl K98+ -----END CERTIFICATE-----Generated at Mon Jul 21 23:21:17 2025 by rpki-client